Could you please share with me the code reference so I know where ABP populates ICurrentUser
? I'm a commercial customer, but I'm happy with a reference to the open-source version, too.
Thanks, Osmar
Thank you, this was helpful!
A couple of additional questions on top of what I sent before:
ICurrentUser
and that seems to be the right direction in terms of passing the correct ID to ABP. How does ABP handle the claims received by Auth Server? Does ABP have anything in between the Auth Server and how claims get populated within the ClaimsPrincipal
?Thanks.
I spent the day looking into this, but unfortunately, as we are ABP Commercial customers, I can't see what IdentityPro registers. I would like to know which services to rewrite, which claims my users have to have, and how to ensure that tenant information and the current user are populated correctly.
Hi,
I'm replacing ABP's AuthServer with Auth0. I can authenticate users on Auth0, but that's the easiest part. To make things easier, I'm tackling one problem at a time. Please, note that I have looked at the docs and I didn't find anything pointing me in the right direction.
**I want to log into Admin Web Portal using my Auth0 user **
I have successfully configured the authentication to switch from Auth0 to Auth Server - both can authenticate, but only Auth Server authorises users.
**My questions are: **
Thanks in advance.
I'm sorry, but I checked both documents before coming here; otherwise, I wouldn't have created a ticket.
If you refuse to give me an answer, that's OK. I have a fully functional system, but I can't see how I can remove the permission groups in either document you have suggested so far. If that's as simple as you suggested, I would really appreciate if you could copy something from the actual page that indicates how to do what I am asking.
Sorry, maybe I'm missing something here.
1. I would like to delete the permission groups above. What are the options I have for doing that?
How does this help deleting the groups I posted in my question? I would like to have permissions that I no longer define deleted from the application.
2. I would like to define the permissions of a given role. What are the options I have for doing that?
Currently, I create my roles using IdentityRoleManager.CreateAsync and then the permissions are loaded into the system through the class inheriting from PermissionDefinitionProvider.
If I am to create my roles and associate the default permissions for my role, are you saying that I create
group.AddPermission("MyPermissionName").WithProviders("IdentityRoleName);
?
3. How do I ensure that new tenants being created always get the latest set of default permissions for the application? I'm on ABP commercial and would like to ensure that new tenants have the roles and also the permissions associated with the role created by default. If I do what is explained in step 2, do I achieve what I would like to?
4. Can I disable the out-of-the-box admin role? How do I do that?
Thanks
I'm struggling to get around how to manage permissions, permissions no longer used and permissions per role.
Thanks!
That sounds good! Thank you!
Hi,
Over the last 11 months, we've been using ABP, and we are happy about it. However, I have been ignoring some key security alerts emitted by GitHub Dependabot and I'd like to know if the ABP team is currently using something along the lines and, also, when there will be an update to the following vulnerabilities:
HIGH
MEDIUM
LOW
Please, let me know how I can ensure my apps are up-to-date and compliant with the latest security standards. Thanks!